Hello there, my dev team is using supertokens for managing authentication. The client requested two-factor authentication and I found out it's work in progress in supertokens. Is it possible to know how it's going? In how much time roughly it will be released?

hi all, I've read this article https://supertokens.com/blog/the-best-way-to-securely-manage-user-sessions but I still curious about Notes For Implementation no.4: 4. Detection of refresh token theft does not require the database to explicitly store invalidated tokens. This can be achieved through structuring the refresh tokens using parent-child hierarchies (see Github implementation). can anyone explain about this

parent-child hierarchies

? I've tried to find on github with no luck

I could just tied access token jti with the refresh token record, but how I detect if refresh token was stolen if there's just one refresh token stored on database?

@everyone

Please don’t tag everyone

Just… testing

Does frontend function

doesSessionExist()

make a network call? If we're building our own frontend UI, how is doesSessionExist() intended to be used? Should I be calling it in every frontend component that needs to know if a session exists? Should I call it and then instead cache the result?

On the email verification page https://supertokens.com/docs/thirdpartyemailpassword/common-customizations/email-verification/about for the plain javascript option, it talks both about not being supported and requiring calls to the supertokens apis myself. Which is it?

doesSessionExist

email verification question

YOU TUCKER

Pussu

DELETINT YOUR PONG

Yo

ayo chill

bro chill 😂😂😂

NO CHOLL

maybe he did it by mistake

riiifht

U JUST PUTNG EVERYONE

BY MOSTAKE

just don't do it again man @Adiboi chill it's okay

maybe an announcement or something

ok

Seriously was just testing. Ive switched off the setting on discord, i have no idea why it still works

ah that’s because u r an admin

look

@everyone